Re: [squid-users] squid setuid-binary ncsa_auth and pam_auth from Henrik Nordstrom on 2007-11-13 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 13 Nov 2007 23:32:47 +0100

On tor, 2007-11-01 at 14:09 -0500, Cryer,Phil wrote:
> During a review on squid, we found the following setuid-binary set to
> run as root
> E: squid setuid-binary /usr/lib64/squid/ncsa_auth root 04750
> E: squid setuid-binary /usr/lib64/squid/pam_auth root 04750

No idea why ncsa_auth is installed suid in your setup. It does not need
to, and should not.. If using a binary Squid distribution please report
this to your distributor.

pam_auth however need to be suid to work properly on systems having
shadow password database. But you only need this if you are using
pam_auth.

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Tue Nov 13 2007 - 15:33:02 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST